Personal content control on media device using mobile user device

ABSTRACT

A method for controlling personal content on a media device includes establishing, at the media device, a wireless connection with a mobile user device using a wireless communication circuit of the media device; receiving, from the mobile user device, account information for an account associated with personal content, the personal content of the account accessible by the media device from a server computer over a communication network or from a memory of the media device; receiving, from the mobile user device, a usage term for accessing or using the personal content of the account; and controlling access to or usage of the personal content of the account by the media device based on the received account information and the usage term.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No.13/406,457, filed Feb. 27, 2012, which is hereby incorporated byreference herein in its entirety.

TECHNICAL FIELD

The present disclosure relates generally to authentication orauthorization and more particularly, to personal device basedauthentication or authorization in applications running on shared mediadevices.

BACKGROUND

Shared connected customer electronics devices like a television (TV),digital video recorder (DVR), a Blu-Ray player, or other set-top box maybe running applications that require accessing personal content likeuser photos, e-mails, news, or personalized TV program recommendations.

Shared devices, by definition, are shared among multiple users (familyor housemates). Therefore, one user's content may be exposed to otherusers leading to private information leaks and presenting inappropriateor wrong data. Therefore, mechanisms must be used to determine who iscurrently using the shared device. Moreover different users may/or maynot want shared-device applications to use their accounts or only wantthe shared-device applications to use their accounts under certainconditions.

These mechanisms should not involve typing a password with every userchange as this can happen very often with televisions. Televisions andmany other shared devices usually do not have convenient keyboards andtherefore typing complex passwords may be difficult. Because the shareddevices are shared by many people who may watch the user's hands or thescreen, typing the password can be risky.

SUMMARY OF THE DISCLOSURE

A method for controlling personal content on a media device includes(but is not limited to) any one or combination of: (i) establishing, atthe media device, a wireless connection with a mobile user device usinga wireless communication circuit of the media device; (ii) receiving,from the mobile user device, account information for an accountassociated with personal content, the personal content of the accountaccessible by the media device from a server computer over acommunication network or from a memory of the media device; (iii)receiving, from the mobile user device, a usage term for accessing orusing the personal content of the account, wherein the usage termspecifies at least one rule for accessing or using the personal contentof the account; and (iv) controlling access to or usage of the personalcontent of the account by the media device to the personal content ofthe account based on the received account information and the usageterm.

In various implementations, the method further includes receiving, fromthe mobile user device, a request to terminate the wireless connection.

In various implementations, the media device is one of a television, adigital video recorder, a video game system, an optical disc player, anda media player for playing media on a television.

In various implementations, the media device comprises a smart TVmodule.

In various implementations, the mobile user device is one of a cellphone, a tablet, and a personal digital assistant.

In various implementations, the personal content comprises mediacontent. In some implementations, the media content comprises at leastone of video content, image content, and audio content.

In various implementations, the account is an account for a socialnetwork website.

In various implementations, the account is an account for a file-sharingwebsite.

In various implementations, the account information for the accountincludes at least one of a user name and password for accessing thepersonal content of the account.

In various implementations, the account information for the accountcomprises includes one or more of authentication or authorizationinformation for accessing the personal content of the account.

In various implementations, the usage term includes a confirmation to ausage term provided by the media device.

In various implementations, the method further includes receiving, fromthe mobile user device, a list of accounts for which the mobile userdevice has account information. In some implementations, the methodfurther includes receiving account information for a selected account ofthe accounts in the list.

A computer program product for controlling personal content on a mediadevice includes a computer-readable medium comprising code for (but isnot limited to) any one or combination of: (i) establishing, at themedia device, a wireless connection with a mobile user device using awireless communication circuit of the media device; (ii) receiving, fromthe mobile user device, account information for an account associatedwith personal content, the personal content of the account accessible bythe media device from a server computer over a communication network ora memory of the media device; (iii) receiving, from the mobile userdevice, a usage term for accessing or using the personal content of theaccount, the usage term specifying at least one rule for accessing orusing the personal content of the account; and (iv) controlling accessto or usage of the personal content of the account by the media devicebased on the received account information and the usage term.

A system for controlling personal content on a media device includes aprocessor. The processor is configured to establish a wirelessconnection with a mobile user device using a wireless communicationcircuit of the media device. The processor is configured to receive,from the mobile user device, account information for an accountassociated with personal content. The personal content of the account isaccessible by the media device from a server computer over acommunication network or from a memory of the media device. Theprocessor is configured to receive, from the mobile user device, a usageterm for accessing or using the personal content of the account. Theusage term specifies at least one rule for accessing or using thepersonal content of the account. The processor is configured to controlaccess to or usage of the personal content of the account by the mediadevice based on the received account information and the usage term.

A method for controlling personal content on a media device via a mobileuser device includes (but is not limited to) any one or combination of:(i) establishing, at the mobile user device, a wireless connection withthe media device; (ii) providing account information for an accountassociated with personal content to the media device, the personalcontent of the account accessible by the media device from a servercomputer over a communication network or from a memory of the mediadevice; and (iii) providing, to the media device, a usage term foraccessing or using the personal content of the account. The usage termspecifies at least one rule for accessing or using the personal contentof the account. Access to or usage of the personal content of theaccount by the media device is controlled based on the provided accountinformation and the usage term.

In various implementations, the method further includes terminating thewireless connection.

In various implementations, the media device is one of a television, adigital video recorder, a video game system, an optical disc player, amedia player for playing media on a television, and a smart TV module.

In various implementations, the mobile user device is one of a cellphone, a tablet, and a personal digital assistant.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an illustrative network environment according to variousimplementations of the disclosure.

FIG. 2 illustrates a content access control method according to variousimplementations of the disclosure.

FIG. 3 is a block diagram of a shared media device according to variousimplementations of the disclosure.

DETAILED DESCRIPTION

Various implementations are directed toward a personal or mobile deviceowned or used mostly by a single user that contains user accountinformation for accessing personal content or the like along with usagepermissions, such as only allowing access to personal content of certainaccounts or allowing certain applications to access personal content ofaccounts. The personal device is configured to cooperate with a sharedmedia device that is generally used by multiple users to provide theshared media device with the information to allow the shared mediadevice to access the Internet content based on the information providedby the personal device.

FIG. 1 is an illustrative network environment 100 including a personaldevice 10 and a shared media device 20. The personal device 10 and theshared media device 20 are configured to transmit and/or receive dataand information over a wireless communication interface (e.g., network30). Coupled with the network 30 are one or more servers illustrated byserver 40. In various implementations, a website 42 may reside on theserver 40. The network 30 may represent one or both of local areanetworks (LAN) and wide area networks (WAN) and/or any other networkenvironment. In particular implementations, the shared media device 20may be coupled to the server 40 via a WAN (e.g., Internet), the sharedmedia device 20 may be coupled to the personal device 10 directly orthrough a base station 15, such as a hub or router, via a LAN. The basestation 15 may be coupled to the server 40 via a WAN or a router or thelike that can communicate with the server 40.

The personal device 10 may be, but is not limited to, a mobile phone(e.g., a smart phone), a tablet computer, a personal computer, a laptopcomputer, a personal digital assistant (PDA), a video (or other media)player, another consumer electronic device, and/or the like. The termspersonal device and mobile user device may be used interchangeablythroughout the disclosure unless otherwise specified. The shared mediadevice 20 can be, but is not limited to, a set-top box, a smart TV, adisk player (e.g., Blu-Ray, high-definition digital versatile disc(HD-DVD), a digital versatile disc (DVD), a digital video recorder(DVR), a video game system, or another computing device.

In various implementations, the shared media device 20 is or includes asmart television module (or connected television module, hybridtelevision module, etc.), which may include a processing circuitconfigured to integrate internet connectivity with more traditionaltelevision programming sources (e.g., received via cable, satellite,over-the-air, or other signals). The smart television module may bephysically incorporated into a television set or may include a separatedevice such as a set-top box, Blu-ray or other digital media player,game console, hotel television system, and other companion device.

A smart television module may be configured to allow viewers to searchand find videos, movies, photos and other content on the web, on a localcable TV channel, on a satellite TV channel, or stored on a local harddrive. A set-top box (STB) or set-top unit (STU) may include aninformation appliance device that may contain a tuner and connect to atelevision set and an external source of signal, turning the signal intocontent that is then displayed on the television screen or other displaydevice. A smart television module may be configured to provide a homescreen or top level screen including icons for a plurality of differentapplications, such as a web browser and a plurality of streaming mediaservices (e.g., Netflix, Vudu, Hulu, etc.), a connected cable orsatellite media source, other web “channels”, etc. The smart televisionmodule may further be configured to provide an electronic programmingguide to the user.

A companion application to the smart television module may be operableon the personal device 10 or other mobile computing device to provideadditional information about available programs to a user, to allow theuser to control the smart television module, etc. In alternateimplementations, the features described herein may be implemented on alaptop computer or other personal computer, a smartphone, other mobilephone, handheld computer, a tablet PC, or other computing device.

In various implementations, the shared media device 20 includes asecurity module 22. In some implementations, the security module 22 mayinclude an account manager module and an external user module. Theaccount manager module may be configured to perform several functions(for instance, as detailed in the disclosure) including, but not limitedto, managing a list of accounts and their private data (i.e., accountinformation for accessing an account), managing access rights ofapplications for local or all accounts (e.g., presenting GUI to grantaccess rights), generating and providing authorization tokens toapplications for local or all accounts and/or requesting authorizationtoken generation from the personal device 10 for external accounts,and/or the like. It should be noted that the terms authorization andauthentication may be used interchangeably unless otherwise specified.

The external user manager module may be configured to perform severalfunctions (for instance, as detailed in the disclosure) including, butnot limited to, managing a list of connected personal devices 10 andaccounts associated with them, providing accounts and optionally theirpreviously stored private data from the personal device 10 to theaccount manager module of the shared media device 20, providing initialaccounts access rights to the account manager module of the shared mediadevice 20, updating accounts with changes to private data and/or changesto access rights to the personal device 10 for storage (e.g., in casethe account manager module of the shared media device 20 manages them),removing accounts from the account manager module of the shared mediadevice 20 when the personal device 10 is disconnected from the sharedmedia device 20, and/or the like. In other implementations, the accountmanager module and the external user module may be one module. In yetother implementations, one or more of the account manager module and theexternal user module may be separate from the security module 22.

In various implementations, the personal device 10 includes a credentialmodule 12. In some implementations, the credential module 12 may be ormay include an account manager module configured to perform severalfunctions (for instance, as detailed in the disclosure) including, butnot limited to, managing a list of accounts to share with the sharedmedia device 20, managing and/or storing private data and access rightsof accounts for each shared media device 20 (e.g., presenting GUI togrant access rights), providing accounts to the shared media device 20,generating and providing authorization tokens to the shared media device20, and/or the like.

FIG. 2 illustrates a personal content access control method B200according to various implementations of the disclosure. With referenceto FIGS. 1 and 2, at block B210, the shared media device 20 establishesa connection with the personal device 10 over the network 30. In someimplementations, the connection is a direct connection (e.g., infrared,Bluetooth, Wi-Fi, or the like) between the shared media device 20 andthe personal device 10. In other implementations, the connection isthough a local access point, such as the base station 15 (e.g., router)or the like. In yet other implementations, the connection is through aserver connected via a WAN. In some implementations, the personal device10 may add the shared media device 20 to a list of connected devices.The shared media device 20 may add the personal device 10 to theexternal user manager module, which may be part of the security module22, of the shared media device 20.

At block B220, the security module 22 of the shared media device 20receives a notification that account information for accessing personalcontent may be received (or is otherwise available) from the credentialmodule 12 of the personal device 10. In some implementations, thesecurity module 22 may receive a list of a plurality of personal contentaccounts available from the personal device 10. In particularimplementations, new or updated personal content account entries aremerged or synchronized with a list stored on the shared media device 20.In some implementations, the user, via the personal device 10 (or theshared media device 20), may define which personal content accounts willbe made available for the shared media device 20. In someimplementations, the list is received in response to establishing theconnection, at a defined interval (e.g., daily, weekly, monthly, etc.),and/or in response to a predetermined event (e.g., the user initiatingthe list transmittal, for instance from the personal 10 device or theshared media device 20, to the shared media device 20).

At block B230, the shared media device 20 receives from the personaldevice 10 usage terms for controlling access to and/or usage of thepersonal content of the accounts. According to various implementations,usage terms includes one or more rules that determine, define, limit, orotherwise control access to and/or usage of the personal content of theaccounts. Usage terms may include, but are not limited to, duration forallowing access to the personal content, to which specific personalcontent to allow access, to which specific personal content not to allowaccess, to which applications on the shared media device 20 can accessthe personal content, to which types of smart media devices to allowaccess, when (or when not to) allow access, restrictions on usage of thepersonal content (e.g., cannot be copied, shared by others, etc.),instructions for certain circumstances (e.g., invalidate access if theconnection between the personal device 10 and the shared media device 20is broken), and/or the like. In some implementations, the personaldevice 10 prompts the user to define the usage terms or accept the usageterms proposed by the shared media device 20 (or the personal device10). Accordingly, the defined usage terms or a confirmation that theproposed usage terms have been accepted may be received from thepersonal device 10 to the shared media device 20.

At block B240, the shared media device 20 receives from the personaldevice the account information (also referred to as private data) foraccessing the personal content (or at least a portion of the personalcontent, for instance, as determined by a usage term) of the account.The account information may include, but is not limited to,account/login/username (e.g., john@gmail.com), internal accountidentifier or account number (e.g., 234278192, password (e.g.,mylittlesecret5432), PIN to grant short-term access to the account(e.g., 3210), authentication tokens, vendor-specific data, or any typeof personal data and/or authentication information, one or more of whichmay be encrypted. An authentication token may be a random-like stringused to authenticate requests to the server hosting the account (e.g.,sda123s3dk23asg5h27zg). In some implementations, the token is generatedby the server during the login phase (e.g., in response to a request bythe personal device 10) and typically have a limited lifetime (e.g.,days, weeks, months) but during that time, the device attempting tologin does not need to store/request a password. Once the authenticationtoken is expired, the authentication token needs to be renewed. Forinstance, the user may be prompted for the password or a stored passwordmay be used. In other implementations, tokens have any suitablevendor-specified behavior or the like.

Accordingly, with the account information received from the personaldevice 10, the shared media device 20 can access the personal contentbased on the usage terms. In particular implementations, the sharedmedia device 20 controls access to and/or usage of the personal contentbased on the usage terms. For instance, the shared media device 20 mayprevent any non-approved applications or users from accessing thepersonal content. In some implementations, the usage terms may bereceived by the shared media device 20 substantially simultaneous with(e.g., during a same communication transmission or session) or after theaccount information is received by the shared media device 20. In someimplementations, new usage terms may be received from the personaldevice 10 to update the usage terms previously received from thepersonal device 10.

Thus according to various implementations, upon or as part of a processfor establishing a connection with the personal device 10 and the sharedmedia device 20, the shared media device 20 may request from thepersonal device 10 a list of accounts that the personal device 10 mayshare with the shared media device 20. In response, the personal device10 may send the list of accounts to be shared to the shared media device20. For each account obtained, the shared media device 20 may requestfrom the personal device 10 additional data attached to the account(e.g., access rights, usage terms, password, etc.). If the shared mediadevice 20 is to be responsible for access rights management, then thepersonal device 10 returns private data required to get access to theaccount (e.g., password), other private data specific for the sharedmedia device 20 (previously stored, if any), access rights for theshared media device 20 (also previously stored, if any). The sharedmedia device 20 then adds the account to an account manager module,which may be part of the security module 22, together with additionaldata for this account, if any has been provided by the personal device10. The shared media device 20 may also store the list of accounts addedto the account manager from the personal device 10 for future access.

In various implementations, the shared media device 20 and/or thepersonal device 10 are configured to control access by an application ofthe shared media device 20 to an account of the personal device 10. Forinstance, if account data (on the shared media device 20) allows accessrights management and is enough for authorization (e.g., to have anauthorization token generated), but the application has not been grantedrights to use the account, a graphical user interface (GUI) may bedisplayed requesting access rights, in response to which the system mayreceive credentials from a user. This GUI may be created on the sharedmedia device 20 and/or the personal device 10 to receive the credentialsfrom the user. If account data (on the shared media device 20) allowsaccess rights management and is enough for authorization (e.g., to havean authorization token generated) and the application has been grantedrights to use the account (previously and/or through the GUI requestingaccess), the application is granted access to the account (e.g., byhaving an authorization token generated).

If access rights management is not possible or there is no data requiredfor authorization, a request may be directed to the personal device 10.Accordingly, if the application of the shared media device 20 has notyet been granted rights to use the account, a GUI may be created (e.g.,displayed) on the shared media device 20 and/or the personal device 10with a request to grant or deny such rights. If the application of theshared media device 20 has been granted rights to use the account (e.g.,previously or through the grant access GUI), the personal device 10 mayprovide the shared media device 20 access to the account (e.g., bygenerating and sending an authorization token to the shared media device20). The shared media device 20 then provides the data result (e.g.,authorization token) obtained from the personal device 10.

In some implementations, the GUI for requesting access may include twowindows—one displayed on the shared media device 20, the other onedisplayed on the personal device 10. The GUI may display (but is notlimited to) information about which application is trying to gain accessto which account (on one or both devices); information that the personaldevice 10 can be used to grant access on the shared media device 20; anoption to deny access (on one or both devices) temporarily/forever; anoption to grant access according to a of usage terms (on personal device10) temporarily/forever; and/or the like. In particular implementations,one of the devices 10, 20 initiates the creation of the GUI. Selectingan option on one of the devices 10, that changes access rights willresult in modifying access rights on the device the has initiated theGUI creation and closing the GUI (on both devices). If access rights aremodified on the shared media device 20 (and initiated the GUI), theaccess rights change is forwarded to the personal device 10, so thechanged access rights can be stored for later usage.

In various implementations, the personal device 10 can provideadditional instructions at any time. For instance, the personal device10 can terminate access to the personal content at anytime (e.g.,invalidating authentication token, requesting the shared media device 20to delete the received account information, etc.). In variousimplementations, upon disconnecting the personal device 10 from theshared media device 20 additional processes may be performed. Forinstance, if the personal device 10 had generated any authorizationtokens, the tokens may be invalidated by the personal device 10. Thepersonal device 10 may remove the shared media device 20 from the listof connected devices. The shared media device 20 may remove the personaldevice 10 from the external user manager module. The shared media device20 may obtain (e.g., stored when adding the personal device 10) a listof accounts assigned to the personal device 10 to remove those accountsfrom the account manager. The shared media device 20 may invalidate anauthorization tokens for these accounts.

Throughout various implementations, personal content to which access maybe controlled may include (but is not limited to) emails, SMS messages,social network content, media content (e.g., images, photos, videos,audio files, etc.), documents (e.g., spreadsheets, slideshowpresentations, etc.), video game files (e.g., save information),sensitive information (e.g., banking data, medical data, etc.), and/ortype of information or data that may require authentication orauthorization for access. Throughout various implementations, thepersonal content can be accessed through (but not limited to) a website(located on a server), a content server (e.g., media server), a databaseserver, and/or the like. In various implementations the personal contentis content that may also be accessible and usable (e.g., viewable,playable, displayable, etc.) on the personal device 10 and/or otherdevices that are not providing the account information to the sharedmedia device 20. Thus in various implementations, the personal contentaccessed on the shared media device 20 need not be a type of contentthat can only be accessed on the shared media device 20.

Illustrative Implementations

Alice and Bob are married and have a fourteen-year-old son, Charlie.Each of them has their own smart phone that contains personalinformation.

Charlie wants to show some of his online photos to his parents withoutgiving them his account information for accessing the online photos. Hemay use his smart phone (personal device) to provide access to hisonline photos on the family television (shared device or connected tothe shared device). He can also designate (provide usage terms) to allowaccess to photos in his school trip photo album and that access is validfor up to one hour. Accordingly, his parents are able to view only thephotos in his school trip album and not any other photos of Charlie forwhich Charlie did not provide access through his smart phone. Inaddition, as defined in the usage terms, if not terminated sooner (e.g.,Charlie manually requests access be terminated, the access to the photosmay also terminate in one hour automatically such that the photos couldnot be accessed later without Charlie's authorization (e.g., byrepeating the authorization above).

Bob enjoys using a social network while watching television programs onthe television (shared media device or otherwise associated with ashared media device) to share his thoughts with friends, have livenotifications on the television, and/or the like. He prefers not toremain logged in on the television (e.g., Charlie may secretly use hisaccount, Alice may learn of a gift Bob bought for Alice, etc.).Accordingly, Bob may use his smart phone to login on the television tothe social network with minimal operation of the phone (e.g., one or twoclicks or the like) when he is watching television and log out when heis done watching television. For instance, Bob may have set usage termsto invalidate his authorization (e.g., log out) after a period of time(e.g., three hours) of logging in or inactivity, when the television (orother device) is turned off (e.g., indicating that he is done watchingtelevision), for television (or media) content that Bob has notpre-approved (e.g., authorization allowed for sports programming;authorization not allowed for reality television programming; etc.),and/or the like.

Alice visits her brother, Dave, to show him some photos. She may userher smart phone to pass a temporary authorization (access) to Dave'ssmart television module to provide access for a particular photoapplication of the smart television module only (as opposed to otherapplications of the smart television module) and invalidates the accessas soon as she leaves. For instance, Alice may manually invalidateaccess or set her usage terms such that the access is invalidated whenthe connection between her smart phone and the smart television moduleis broken, for instance, when the devices are no longer in range tocommunicate with each other upon Alice leaving Dave's home.

FIG. 3 is a block diagram illustrating a shared media device (e.g., 20in FIG. 1) that can be used to perform at least some of the variousoperations described in the disclosure. With reference to FIGS. 1-3, theshared media device 20 includes an address/data bus 340 forcommunicating information between one or more of the components of theshared media device 20. A processor 310 is coupled with the bus 340 forprocessing information and instructions. The components may beconfigured to communicate with each other using interfaces such as (butnot limited to) one or more universal serial bus (USB) interfaces,micro-USB interfaces, universal asynchronous receiver-transmitter (UART)interfaces, general purpose input/output (GPIO) interfaces (e.g.,inter-integrated circuit (i2C)), control/status lines, control/datalines, shared memory, and/or the like.

The processor 310 may be responsible for executing various softwareprograms such as application programs and system programs to providecomputing and processing operations for the shared media device 20. Theprocessor 310 may be responsible for performing various voice and datacommunications operations for the shared media device 20 such astransmitting and receiving voice and data information over one or morewireless communications channels.

The shared media device 20 includes a storage device 320 that caninclude any suitable type of storage including, for example, a hard diskdrive for reading from and writing to a hard disk, a magnetic disk drivefor reading from or writing to a (e.g., removable) magnetic disk, anoptical disk drive for reading from or writing to a removable (magneto-)optical disk such as a compact disk or other (magneto-) optical media,or any other type of storage medium. The shared media device 20 mayinclude volatile memory (e.g., random access memory, RAM) coupled withthe bus 340 for storing information and instructions for the processor310 and/or a non-volatile memory (e.g., read only memory, ROM) coupledwith the bus 340 for storing static information and instructions for theprocessor 310. In other implementations, memory may be implemented usingany machine-readable or computer-readable media capable of storing datasuch as (but not limited to) volatile memory or non-volatile memory,removable or nonremovable memory, erasable or non-erasable memory,writeable or re-writeable memory, and/or the like. Examples ofmachine-readable storage media may include, without limitation,random-access memory (RAM), dynamic RAM (DRAM), Double-Data-Rate DRAM(DDRAM), synchronous DRAM (SDRAM), static RAM (SRAM), read-only memory(ROM), programmable ROM (PROM), erasable programmable ROM (EPROM),electrically erasable programmable ROM (EEPROM), flash memory (e.g., NORor NAND flash memory), or any other type of media suitable for storinginformation. In some implementations, a PC board or the like cancontain, for example, the processor 310, the bus 340, the RAM, the ROM,and/or the like.

Although the memory may be shown as being separate from the processor310 for purposes of illustration, in various implementations, someportion or the entire memory may be included on the same integratedcircuit as the processor 310. Alternatively, some portion or the entirememory may be disposed on an integrated circuit or other medium (e.g.,hard disk drive) external to the integrated circuit of the processor310. In various implementations, the shared media device 20 may comprisean expansion slot (not shown) to support a multimedia and/or memorycard, for example.

In various implementations, the shared media device 20 may comprise aninput/output (I/O) interface 330 coupled to the processor 310. The I/Ointerface 330 may comprise one or more I/O devices such as (but notlimited to) a serial connection port, an infrared port, integratedBluetooth® wireless capability, integrated 802.11x (WiFi) wirelesscapability, and/or the like to enable wired (e.g., USB cable) and/orwireless connection to a local device, such as the personal device 10, abase station, a personal computer (PC), and/or the like. In variousimplementations, the shared media device 20 may be configured totransfer and/or synchronize information with the personal device 10. Forinstance, the personal device 10 may be used as an input device 332 (orcommunicate with the input put device 332) to provide commands andinformation (e.g., as entered by a user of the personal device 10) tothe shared media device 20, program the shared media device 20 (e.g.,set preferences), and/or the like. Some non-limiting examples of inputdevices 332 for providing data to the shared media device 20 (e.g.,directly to the shared media device 20 or via the personal device 10)include, but are not limited to, a keyboards, a pointing device (e.g., amouse), a microphone, a touch input interface, a joystick, a game pad, asatellite dish, a scanner, and/or the like. An output device 334 mayinclude (but is not limited to) a monitor or other types of displaydevices, which can be connected to the bus 340 via an appropriateinterface. In addition (or instead of) the monitor, the user terminalmay include other (peripheral) output devices (not shown), such asspeakers and printers for example. In some cases, the output device 334can include a component for providing one or more of a visual output, ahaptic output, or an audio output.

In various implementations the shared media device 20 also includes acommunication module that may be part of (or otherwise associated with)the I/O interface 330. The communication module may comprise one or moretransceivers configured to communicate using different types ofprotocols, communication ranges, operating power requirements, RFsub-bands, information types (e.g., voice or data), use scenarios,applications, and/or the like. In various implementations, thecommunication module may comprise one or more transceivers configured tosupport communication with local devices (e.g., personal device 10, basestation, server, and/or the like) using any number or combination ofcommunication standards.

In various implementations, the communication module can also exchangevoice and data signals with devices using any number or combination ofcommunication standards (e.g., GSM, CDMA, TDNM, WCDMA, OFDM, GPRS,EV-DO, WiFi, WiMAX, S02.xx, UWB, LTE, satellite, etc). The techniquesdescribed herein can be used for various wireless communication networkssuch as Code Division Multiple Access (CDMA) networks, Time DivisionMultiple Access (TDMA) networks, Frequency Division Multiple Access(FDMA) networks, Orthogonal FDMA (OFDMA) networks, Single-Carrier FDMA(SC-FDMA) networks, etc. The terms “networks” and “systems” are oftenused interchangeably. A CDMA network can implement a radio technologysuch as Universal Terrestrial Radio Access (UTRA), cdma2000, etc. UTRAincludes Wideband-CDMA (W-CDMA) and Low Chip Rate (LCR). CDMA2000 coversIS-2000, IS-95, and IS-856 standards. A TDMA network can implement aradio technology such as Global System for Mobile Communications (GSM).An OFDMA network can implement a radio technology such as Evolved UTRA(E-UTRA), IEEE 802.11, IEEE 802.16, IEEE 802.20, Flash-OFDM, etc. UTRA,E-UTRA, and GSM are part of Universal Mobile Telecommunication System(UMTS). Long Term Evolution (LTE) is an upcoming release of UMTS thatuses E-UTRA. UTRA, E-UTRA, GSM, UMTS, and LTE are described in documentsfrom an organization named “3rd Generation Partnership Project” (3GPP).CDMA2000 is described in documents from an organization named “3rdGeneration Partnership Project 2” (3GPP2). Power for the communicationmodule 230 may be supplied by the battery cells 210.

In various implementations, the communication module may comprise one ormore transceivers configured to perform data communications inaccordance with one or more wireless communications protocols such as(but not limited to) WLAN protocols (e.g., IEEE 802.11a/b/g/n, IEEE802.16, IEEE 802.20, etc.), PAN protocols, Low-Rate Wireless PANprotocols (e.g., ZigBee, IEEE 802.15.4-2003), Infrared protocols,Bluetooth protocols, EMI protocols including passive or active RFIDprotocols, and/or the like.

The communication module may be coupled to the bus 340 for providing acommunication link between the shared media device 20 and the network30. As such, the communication module enables the processor 310 tocommunicate wirelessly with other electronic systems coupled to thenetwork 30. For instance, the communication module may be coupled to anantenna (not shown) and provides functionality to transmit and receiveinformation over a wireless communication interface.

As such, in various implementations, the communication module is forcommunicating with a remote device. For instance, in someimplementations, the communication module is for communicating with aremote device, such as the server (having a website), via the network30. In some implementations, the communication module is forcommunicating directly with a base station (e.g., hub, router, etc.) orother local device (e.g., personal device).

The communication module may be implemented using one or more chips asdesired for a given implementation. In some implementations, thecommunication module may be separate from and external to the processor310. In various implementations, some portion or the entirecommunication module may be included on the same integrated circuit asthe processor 310.

In some implementations, the shared media device 20 may include anantenna system (not shown) for transmitting and/or receiving electricalsignals using WWAN protocols, WLAN protocols, and/or the like. Forinstance, the antenna system may be coupled to the processor 310 throughthe communication module. The antenna system may comprise or beimplemented as one or more internal antennas and/or external antennas.

It is understood that the specific order or hierarchy of steps in theprocesses disclosed is an example of illustrative approaches. Based upondesign preferences, it is understood that the specific order orhierarchy of steps in the processes may be rearranged while remainingwithin the scope of the present disclosure. The accompanying methodclaims present elements of the various steps in a sample order, and arenot meant to be limited to the specific order or hierarchy presented.

Those of skill in the art would understand that information and signalsmay be represented using any of a variety of different technologies andtechniques. For example, data, instructions, commands, information,signals, bits, symbols, and chips that may be referenced throughout theabove description may be represented by voltages, currents,electromagnetic waves, magnetic fields or particles, optical fields orparticles, or any combination thereof.

Those of skill would further appreciate that the various illustrativelogical blocks, modules, circuits, and algorithm steps described inconnection with the implementations disclosed herein may be implementedas electronic hardware, computer software embodied on a tangible medium,or combinations of both. To clearly illustrate this interchangeabilityof hardware and software, various illustrative components, blocks,modules, circuits, and steps have been described above generally interms of their functionality. Whether such functionality is implementedas hardware or software embodied on a tangible medium depends upon theparticular application and design constraints imposed on the overallsystem. Skilled artisans may implement the described functionality invarying ways for each particular application, but such implementationdecisions should not be interpreted as causing a departure from thescope of the present disclosure.

The various illustrative logical blocks, modules, and circuits describedin connection with the implementations disclosed herein may beimplemented or performed with a general purpose processor, a digitalsignal processor (DSP), an application specific integrated circuit(ASIC), a field programmable gate array (FPGA) or other programmablelogic device, discrete gate or transistor logic, discrete hardwarecomponents, or any combination thereof designed to perform the functionsdescribed herein. A general-purpose processor may be a microprocessor,but in the alternative, the processor may be any conventional processor,controller, microcontroller, or state machine. A processor may also beimplemented as a combination of computing devices, e.g., a combinationof a DSP and a microprocessor, a plurality of microprocessors, one ormore microprocessors in conjunction with a DSP core, or any other suchconfiguration.

The steps of a method or algorithm described in connection with theimplementations disclosed herein may be embodied directly in hardware,in a software module executed by a processor, or in a combination of thetwo. A software module may reside in RAM memory, flash memory, ROMmemory, EPROM memory, EEPROM memory, registers, hard disk, a removabledisk, a CD-ROM, or any other form of storage medium known in the art. Anillustrative storage medium is coupled to the processor such theprocessor can read information from, and write information to, thestorage medium. In the alternative, the storage medium may be integralto the processor. The processor and the storage medium may reside in anASIC. The ASIC may reside in a user terminal. In the alternative, theprocessor and the storage medium may reside as discrete components in auser terminal.

In one or more illustrative implementations, the functions described maybe implemented in hardware, software or firmware embodied on a tangiblemedium, or any combination thereof. If implemented in software, thefunctions may be stored on or transmitted over as one or moreinstructions or code on a computer-readable medium. Computer-readablemedia includes both computer storage media and communication mediaincluding any medium that facilitates transfer of a computer programfrom one place to another. A storage media may be any available mediathat can be accessed by a computer. By way of example, and notlimitation, such computer-readable media can comprise RAM, ROM, EEPROM,CD-ROM or other optical disk storage, magnetic disk storage or othermagnetic storage devices, or any other medium that can be used to carryor store desired program code in the form of instructions or datastructures and that can be accessed by a computer. In addition, anyconnection is properly termed a computer-readable medium. For example,if the software is transmitted from a website, server, or other remotesource using a coaxial cable, fiber optic cable, twisted pair, digitalsubscriber line (DSL), or wireless technologies such as infrared, radio,and microwave, then the coaxial cable, fiber optic cable, twisted pair,DSL, or wireless technologies such as infrared, radio, and microwave areincluded in the definition of medium. Disk and disc, as used herein,includes compact disc (CD), laser disc, optical disc, digital versatiledisc (DVD), floppy disk, and Blu-Ray disc where disks usually reproducedata magnetically, while discs reproduce data optically with lasers.Combinations of the above should also be included within the scope ofcomputer-readable media.

The previous description of the disclosed implementations is provided toenable any person skilled in the art to make or use the presentdisclosure. Various modifications to these implementations will bereadily apparent to those skilled in the art, and the generic principlesdefined herein may be applied to other implementations without departingfrom the spirit or scope of the disclosure. Thus, the present disclosureis not intended to be limited to the implementations shown herein but isto be accorded the widest scope consistent with the principles and novelfeatures disclosed herein.

What is claimed is:
 1. A method for controlling personal content on amedia device, the method comprising: establishing, using a hardwareprocessor of the media device, a connection with a mobile user device;receiving account information from the mobile user device for an accountassociated with personal content, the personal content associated withthe account accessible by the media device from a server computer usinga wide area network; and receiving a usage term from the mobile userdevice for accessing the personal content of the account, wherein theusage term specifies a rule indicating that upon the mobile user devicebeing disconnected from the media device the media device is to inhibitat least a portion of the personal content associated with the accountfrom being presented; accessing, using the media device, personalcontent from the server computer; presenting, using the media device, atleast a portion of content from the personal content accessed from theserver computer; determining that the connection with the mobile userdevice has been disconnected; and inhibiting presentation, by the mediadevice, of at least the portion of content from the personal content inresponse to determining that the connection with the mobile user devicehas been disconnected.
 2. The method of claim 1, further comprising:receiving a request from the mobile user device to terminate theconnection; and disconnecting from the mobile user device in response toreceiving the request to terminate the connection.
 3. The method ofclaim 1, wherein the connection with the mobile user device is madeusing a local area network.
 4. The method of claim 1, wherein theconnection with the mobile user device is made using a direct connectionto the mobile user device.
 5. The method of claim 1, further comprising:receiving a request to present personal content associated with theaccount; determining that the media device is not authorized to presentthe personal content associated with the account at the time that therequest is received; and in response to determining that the mediadevice is not authorized to present the personal content, causing, usingthe hardware processor, a graphical user interface to be presented,wherein the graphical user interface prompts a user of the mobile userdevice to permit the media device to access the personal content, andwherein the graphical user interface presents information about anapplication, with which the account is associated, that is attempting toaccess the personal content.
 6. The method of claim 5, wherein thegraphical user interface is caused to be presented on a displayassociated with the media device.
 7. The method of claim 6, furthercomprising: receiving input, via the graphical user interface, to modifyaccess rights to the account associated with the personal content; andforwarding the modified access rights to the mobile user device.
 8. Themethod of claim 5, wherein the graphical user interface is caused to bepresented on a display associated with the mobile user device, andwherein the graphical user interface includes: an option to grant themedia device access to the personal content based on the usage term; andan option to deny the media device access to the personal content. 9.The method of claim 5, further comprising, in response to receiving theusage term, causing presentation of the graphical user interface to beinhibited.
 10. The method of claim 1, wherein the media device comprisesat least one of: a set-top box, a smart television, a disk player, adigital video recorder, and a video game system.
 11. A system forcontrolling personal content on a media device, the system comprising: ahardware processor of a media device that is configured to: establish aconnection with a mobile user device; receive account information fromthe mobile user device for an account associated with personal content,the personal content associated with the account accessible by the mediadevice from a server computer using a wide area network; and receive ausage term from the mobile user device for accessing the personalcontent of the account, wherein the usage term specifies a ruleindicating that upon the mobile user device being disconnected from themedia device the media device is to inhibit at least a portion of thepersonal content associated with the account from being presented;access personal content from the server computer; present at least aportion of content from the personal content accessed from the servercomputer; determine that the connection with the mobile user device hasbeen disconnected; and inhibit presentation, by the media device, of atleast the portion of content from the personal content in response todetermining that the connection with the mobile user device has beendisconnected.
 12. The system of claim 11, wherein the hardware processoris further configured to: receive a request from the mobile user deviceto terminate the connection; and disconnect from the mobile user devicein response to receiving the request to terminate the connection. 13.The system of claim 11, wherein the connection with the mobile userdevice is made using a local area network.
 14. The system of claim 11,wherein the connection with the mobile user device is made using adirect connection to the mobile user device.
 15. The system of claim 11,wherein the hardware processor is further configured to: receive arequest to present personal content associated with the account;determine that the media device is not authorized to present thepersonal content associated with the account at the time that therequest is received; and in response to determining that the mediadevice is not authorized to present the personal content, cause agraphical user interface to be presented, wherein the graphical userinterface prompts a user of the mobile user device to permit the mediadevice to access the personal content, and wherein the graphical userinterface presents information about an application, with which theaccount is associated, that is attempting to access the personalcontent.
 16. The system of claim 15, wherein the graphical userinterface is caused to be presented on a display associated with themedia device.
 17. The system of claim 16, wherein the hardware processoris further configured to: receive input, via the graphical userinterface, to modify access rights to the account associated with thepersonal content; and forward the modified access rights to the mobileuser device.
 18. The system of claim 15, wherein the graphical userinterface is caused to be presented on a display associated with themobile user device, and wherein the graphical user interface includes:an option to grant the media device access to the personal content basedon the usage term; and an option to deny the media device access to thepersonal content.
 19. The system of claim 15, wherein the hardwareprocessor is further configured to, in response to receiving the usageterm, cause presentation of the graphical user interface to beinhibited.
 20. The system of claim 11, wherein the media devicecomprises at least one of: a set-top box, a smart television, a diskplayer, a digital video recorder, and a video game system.
 21. Acomputer program product for controlling personal content on a mediadevice, the computer program product comprising: a non-transitorycomputer-readable medium comprising code for: establishing, using themedia device, a connection with a mobile user device; receiving accountinformation from the mobile user device for an account associated withpersonal content, the personal content associated with the accountaccessible by the media device from a server computer using a wide areanetwork; and receiving a usage term from the mobile user device foraccessing the personal content of the account, wherein the usage termspecifies a rule indicating that upon the mobile user device beingdisconnected from the media device the media device is to inhibit atleast a portion of the personal content associated with the account frombeing presented; accessing, using the media device, personal contentfrom the server computer; presenting, using the media device, at least aportion of content from the personal content accessed from the servercomputer; determining that the connection with the mobile user devicehas been disconnected; and inhibiting presentation, by the media device,of at least the portion of content from the personal content in responseto determining that the connection with the mobile user device has beendisconnected.